LXR qemu/hw/tpm/tpm

   1/*
   2 * tpm_ioctl.h
   3 *
   4 * (c) Copyright IBM Corporation 2014, 2015.
   5 *
   6 * This file is licensed under the terms of the 3-clause BSD license
   7 */
   8#ifndef _TPM_IOCTL_H_
   9#define _TPM_IOCTL_H_
  10
  11#include <sys/uio.h>
  12#include <sys/ioctl.h>
  13
  14/*
  15 * Every response from a command involving a TPM command execution must hold
  16 * the ptm_res as the first element.
  17 * ptm_res corresponds to the error code of a command executed by the TPM.
  18 */
  19
  20typedef uint32_t ptm_res;
  21
  22/* PTM_GET_TPMESTABLISHED: get the establishment bit */
  23struct ptm_est {
  24    union {
  25        struct {
  26            ptm_res tpm_result;
  27            unsigned char bit; /* TPM established bit */
  28        } resp; /* response */
  29    } u;
  30};
  31
  32/* PTM_RESET_TPMESTABLISHED: reset establishment bit */
  33struct ptm_reset_est {
  34    union {
  35        struct {
  36            uint8_t loc; /* locality to use */
  37        } req; /* request */
  38        struct {
  39            ptm_res tpm_result;
  40        } resp; /* response */
  41    } u;
  42};
  43
  44/* PTM_INIT */
  45struct ptm_init {
  46    union {
  47        struct {
  48            uint32_t init_flags; /* see definitions below */
  49        } req; /* request */
  50        struct {
  51            ptm_res tpm_result;
  52        } resp; /* response */
  53    } u;
  54};
  55
  56/* above init_flags */
  57#define PTM_INIT_FLAG_DELETE_VOLATILE (1 << 0)
  58    /* delete volatile state file after reading it */
  59
  60/* PTM_SET_LOCALITY */
  61struct ptm_loc {
  62    union {
  63        struct {
  64            uint8_t loc; /* locality to set */
  65        } req; /* request */
  66        struct {
  67            ptm_res tpm_result;
  68        } resp; /* response */
  69    } u;
  70};
  71
  72/* PTM_HASH_DATA: hash given data */
  73struct ptm_hdata {
  74    union {
  75        struct {
  76            uint32_t length;
  77            uint8_t data[4096];
  78        } req; /* request */
  79        struct {
  80            ptm_res tpm_result;
  81        } resp; /* response */
  82    } u;
  83};
  84
  85/*
  86 * size of the TPM state blob to transfer; x86_64 can handle 8k,
  87 * ppc64le only ~7k; keep the response below a 4k page size
  88 */
  89#define PTM_STATE_BLOB_SIZE (3 * 1024)
  90
  91/*
  92 * The following is the data structure to get state blobs from the TPM.
  93 * If the size of the state blob exceeds the PTM_STATE_BLOB_SIZE, multiple reads
  94 * with this ioctl and with adjusted offset are necessary. All bytes
  95 * must be transferred and the transfer is done once the last byte has been
  96 * returned.
  97 * It is possible to use the read() interface for reading the data; however, the
  98 * first bytes of the state blob will be part of the response to the ioctl(); a
  99 * subsequent read() is only necessary if the total length (totlength) exceeds
 100 * the number of received bytes. seek() is not supported.
 101 */
 102struct ptm_getstate {
 103    union {
 104        struct {
 105            uint32_t state_flags; /* may be: PTM_STATE_FLAG_DECRYPTED */
 106            uint32_t type;        /* which blob to pull */
 107            uint32_t offset;      /* offset from where to read */
 108        } req; /* request */
 109        struct {
 110            ptm_res tpm_result;
 111            uint32_t state_flags; /* may be: PTM_STATE_FLAG_ENCRYPTED */
 112            uint32_t totlength;   /* total length that will be transferred */
 113            uint32_t length;      /* number of bytes in following buffer */
 114            uint8_t  data[PTM_STATE_BLOB_SIZE];
 115        } resp; /* response */
 116    } u;
 117};
 118
 119/* TPM state blob types */
 120#define PTM_BLOB_TYPE_PERMANENT  1
 121#define PTM_BLOB_TYPE_VOLATILE   2
 122#define PTM_BLOB_TYPE_SAVESTATE  3
 123
 124/* state_flags above : */
 125#define PTM_STATE_FLAG_DECRYPTED     1 /* on input:  get decrypted state */
 126#define PTM_STATE_FLAG_ENCRYPTED     2 /* on output: state is encrypted */
 127
 128/*
 129 * The following is the data structure to set state blobs in the TPM.
 130 * If the size of the state blob exceeds the PTM_STATE_BLOB_SIZE, multiple
 131 * 'writes' using this ioctl are necessary. The last packet is indicated
 132 * by the length being smaller than the PTM_STATE_BLOB_SIZE.
 133 * The very first packet may have a length indicator of '0' enabling
 134 * a write() with all the bytes from a buffer. If the write() interface
 135 * is used, a final ioctl with a non-full buffer must be made to indicate
 136 * that all data were transferred (a write with 0 bytes would not work).
 137 */
 138struct ptm_setstate {
 139    union {
 140        struct {
 141            uint32_t state_flags; /* may be PTM_STATE_FLAG_ENCRYPTED */
 142            uint32_t type;        /* which blob to set */
 143            uint32_t length;      /* length of the data;
 144                                     use 0 on the first packet to
 145                                     transfer using write() */
 146            uint8_t data[PTM_STATE_BLOB_SIZE];
 147        } req; /* request */
 148        struct {
 149            ptm_res tpm_result;
 150        } resp; /* response */
 151    } u;
 152};
 153
 154/*
 155 * PTM_GET_CONFIG: Data structure to get runtime configuration information
 156 * such as which keys are applied.
 157 */
 158struct ptm_getconfig {
 159    union {
 160        struct {
 161            ptm_res tpm_result;
 162            uint32_t flags;
 163        } resp; /* response */
 164    } u;
 165};
 166
 167#define PTM_CONFIG_FLAG_FILE_KEY        0x1
 168#define PTM_CONFIG_FLAG_MIGRATION_KEY   0x2
 169
 170/*
 171 * PTM_SET_BUFFERSIZE: Set the buffer size to be used by the TPM.
 172 * A 0 on input queries for the current buffer size. Any other
 173 * number will try to set the buffer size. The returned number is
 174 * the buffer size that will be used, which can be larger than the
 175 * requested one, if it was below the minimum, or smaller than the
 176 * requested one, if it was above the maximum.
 177 */
 178struct ptm_setbuffersize {
 179    union {
 180        struct {
 181            uint32_t buffersize; /* 0 to query for current buffer size */
 182        } req; /* request */
 183        struct {
 184            ptm_res tpm_result;
 185            uint32_t buffersize; /* buffer size in use */
 186            uint32_t minsize; /* min. supported buffer size */
 187            uint32_t maxsize; /* max. supported buffer size */
 188        } resp; /* response */
 189    } u;
 190};
 191
 192
 193typedef uint64_t ptm_cap;
 194typedef struct ptm_est ptm_est;
 195typedef struct ptm_reset_est ptm_reset_est;
 196typedef struct ptm_loc ptm_loc;
 197typedef struct ptm_hdata ptm_hdata;
 198typedef struct ptm_init ptm_init;
 199typedef struct ptm_getstate ptm_getstate;
 200typedef struct ptm_setstate ptm_setstate;
 201typedef struct ptm_getconfig ptm_getconfig;
 202typedef struct ptm_setbuffersize ptm_setbuffersize;
 203
 204/* capability flags returned by PTM_GET_CAPABILITY */
 205#define PTM_CAP_INIT               (1)
 206#define PTM_CAP_SHUTDOWN           (1 << 1)
 207#define PTM_CAP_GET_TPMESTABLISHED (1 << 2)
 208#define PTM_CAP_SET_LOCALITY       (1 << 3)
 209#define PTM_CAP_HASHING            (1 << 4)
 210#define PTM_CAP_CANCEL_TPM_CMD     (1 << 5)
 211#define PTM_CAP_STORE_VOLATILE     (1 << 6)
 212#define PTM_CAP_RESET_TPMESTABLISHED (1 << 7)
 213#define PTM_CAP_GET_STATEBLOB      (1 << 8)
 214#define PTM_CAP_SET_STATEBLOB      (1 << 9)
 215#define PTM_CAP_STOP               (1 << 10)
 216#define PTM_CAP_GET_CONFIG         (1 << 11)
 217#define PTM_CAP_SET_DATAFD         (1 << 12)
 218#define PTM_CAP_SET_BUFFERSIZE     (1 << 13)
 219
 220enum {
 221    PTM_GET_CAPABILITY     = _IOR('P', 0, ptm_cap),
 222    PTM_INIT               = _IOWR('P', 1, ptm_init),
 223    PTM_SHUTDOWN           = _IOR('P', 2, ptm_res),
 224    PTM_GET_TPMESTABLISHED = _IOR('P', 3, ptm_est),
 225    PTM_SET_LOCALITY       = _IOWR('P', 4, ptm_loc),
 226    PTM_HASH_START         = _IOR('P', 5, ptm_res),
 227    PTM_HASH_DATA          = _IOWR('P', 6, ptm_hdata),
 228    PTM_HASH_END           = _IOR('P', 7, ptm_res),
 229    PTM_CANCEL_TPM_CMD     = _IOR('P', 8, ptm_res),
 230    PTM_STORE_VOLATILE     = _IOR('P', 9, ptm_res),
 231    PTM_RESET_TPMESTABLISHED = _IOWR('P', 10, ptm_reset_est),
 232    PTM_GET_STATEBLOB      = _IOWR('P', 11, ptm_getstate),
 233    PTM_SET_STATEBLOB      = _IOWR('P', 12, ptm_setstate),
 234    PTM_STOP               = _IOR('P', 13, ptm_res),
 235    PTM_GET_CONFIG         = _IOR('P', 14, ptm_getconfig),
 236    PTM_SET_DATAFD         = _IOR('P', 15, ptm_res),
 237    PTM_SET_BUFFERSIZE     = _IOWR('P', 16, ptm_setbuffersize),
 238};
 239
 240/*
 241 * Commands used by the non-CUSE TPMs
 242 *
 243 * All messages container big-endian data.
 244 *
 245 * The return messages only contain the 'resp' part of the unions
 246 * in the data structures above. Besides that the limits in the
 247 * buffers above (ptm_hdata:u.req.data and ptm_get_state:u.resp.data
 248 * and ptm_set_state:u.req.data) are 0xffffffff.
 249 */
 250enum {
 251    CMD_GET_CAPABILITY = 1,
 252    CMD_INIT,
 253    CMD_SHUTDOWN,
 254    CMD_GET_TPMESTABLISHED,
 255    CMD_SET_LOCALITY,
 256    CMD_HASH_START,
 257    CMD_HASH_DATA,
 258    CMD_HASH_END,
 259    CMD_CANCEL_TPM_CMD,
 260    CMD_STORE_VOLATILE,
 261    CMD_RESET_TPMESTABLISHED,
 262    CMD_GET_STATEBLOB,
 263    CMD_SET_STATEBLOB,
 264    CMD_STOP,
 265    CMD_GET_CONFIG,
 266    CMD_SET_DATAFD,
 267    CMD_SET_BUFFERSIZE,
 268};
 269
 270#endif /* _TPM_IOCTL_H */
 271